[Feature][scaleph-security] add security web resource and role relati…

…on api (#644) * fix: seatunnel base image * feature: add resource-web and role relation api
flowerfine · Nov 15, 2023 · 99a7654 · 99a7654
1 parent c960bbb
commit 99a7654
Show file tree

Hide file tree

Showing 13 changed files with 555 additions and 32 deletions.
diff --git a/scaleph-api/src/main/java/cn/sliew/scaleph/api/controller/admin/SecAuthorizeController.java b/scaleph-api/src/main/java/cn/sliew/scaleph/api/controller/admin/SecAuthorizeController.java
@@ -20,16 +20,23 @@
 
 import cn.sliew.scaleph.api.annotation.Logging;
 import cn.sliew.scaleph.security.service.SecAuthorizeService;
+import cn.sliew.scaleph.security.service.dto.SecResourceWebWithAuthorizeDTO;
+import cn.sliew.scaleph.security.service.dto.SecRoleDTO;
 import cn.sliew.scaleph.security.service.dto.UmiRoute;
+import cn.sliew.scaleph.security.service.param.SecResourceWebBatchAuthorizeForRoleParam;
+import cn.sliew.scaleph.security.service.param.SecResourceWebListByRoleParam;
+import cn.sliew.scaleph.security.service.param.SecRoleBatchAuthorizeForResourceWebParam;
+import cn.sliew.scaleph.security.service.param.SecRoleListByResourceWebParam;
+import cn.sliew.scaleph.system.model.ResponseVO;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
+import javax.validation.Valid;
 import java.util.List;
 
 @RestController
@@ -47,4 +54,61 @@ public ResponseEntity<List<UmiRoute>> getUmiRoutes() {
         List<UmiRoute> routes = secAuthorizeService.getWebRoute();
         return new ResponseEntity<>(routes, HttpStatus.OK);
     }
+
+    @Logging
+    @GetMapping("resource-web/authorized-roles")
+    @Operation(summary = "查询 资源-web 绑定角色列表", description = "查询 资源-web 绑定角色列表")
+    public ResponseEntity<Page<SecRoleDTO>> listAuthorizedRolesByResourceWebId(@Valid SecRoleListByResourceWebParam param) {
+        Page<SecRoleDTO> result = secAuthorizeService.listAuthorizedRolesByResourceWebId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @GetMapping("resource-web/unauthorized-roles")
+    @Operation(summary = "查询 资源-web 未绑定角色列表", description = "查询 资源-web 未绑定角色列表")
+    public ResponseEntity<Page<SecRoleDTO>> listUnauthorizedRolesByResourceWebId(@Valid SecRoleListByResourceWebParam param) {
+        Page<SecRoleDTO> result = secAuthorizeService.listUnauthorizedRolesByResourceWebId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @PutMapping("resource-web/roles")
+    @Operation(summary = "批量为 资源-web 绑定角色", description = "批量为 资源-web 绑定角色")
+    public ResponseEntity<ResponseVO> authorize(@Valid @RequestBody SecRoleBatchAuthorizeForResourceWebParam param) {
+        secAuthorizeService.authorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
+    @Logging
+    @DeleteMapping("resource-web/roles")
+    @Operation(summary = "批量为 资源-web 解除角色绑定", description = "批量为 资源-web 解除角色绑定")
+    public ResponseEntity<ResponseVO> unauthorize(@Valid @RequestBody SecRoleBatchAuthorizeForResourceWebParam param) {
+        secAuthorizeService.unauthorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
+    @Logging
+    @GetMapping("role/resource-webs")
+    @Operation(summary = "查询所有 资源-web 和指定角色绑定状态", description = "查询所有 资源-web 和指定角色绑定状态")
+    public ResponseEntity<List<SecResourceWebWithAuthorizeDTO>> listResourceWebsByRole(@Valid SecResourceWebListByRoleParam param) {
+        List<SecResourceWebWithAuthorizeDTO> result = secAuthorizeService.listResourceWebsByRoleId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @PutMapping("role/resource-webs")
+    @Operation(summary = "批量为角色绑定 资源-web", description = "批量为角色绑定 资源-web")
+    public ResponseEntity<ResponseVO> authorize(@Valid @RequestBody SecResourceWebBatchAuthorizeForRoleParam param) {
+        secAuthorizeService.authorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
+    @Logging
+    @DeleteMapping("role/resource-webs")
+    @Operation(summary = "批量为角色解除 资源-web 绑定", description = "批量为角色解除 资源-web 绑定")
+    public ResponseEntity<ResponseVO> unauthorize(@Valid @RequestBody SecResourceWebBatchAuthorizeForRoleParam param) {
+        secAuthorizeService.unauthorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
 }
diff --git a/scaleph-dao/src/main/java/cn/sliew/scaleph/dao/entity/master/security/SecResourceWebVO.java b/scaleph-dao/src/main/java/cn/sliew/scaleph/dao/entity/master/security/SecResourceWebVO.java
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.sliew.scaleph.dao.entity.master.security;
+
+import lombok.Data;
+
+@Data
+public class SecResourceWebVO extends SecResourceWeb {
+
+    private Long roleId;
+}
diff --git a/...o/src/main/java/cn/sliew/scaleph/dao/mapper/master/security/SecResourceWebRoleMapper.java b/...o/src/main/java/cn/sliew/scaleph/dao/mapper/master/security/SecResourceWebRoleMapper.java
@@ -19,14 +19,16 @@
 package cn.sliew.scaleph.dao.mapper.master.security;
 
 import cn.sliew.scaleph.common.dict.security.RoleStatus;
-import cn.sliew.scaleph.dao.entity.master.security.SecResourceWeb;
 import cn.sliew.scaleph.dao.entity.master.security.SecResourceWebRole;
+import cn.sliew.scaleph.dao.entity.master.security.SecResourceWebVO;
 import cn.sliew.scaleph.dao.entity.master.security.SecRole;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import org.apache.ibatis.annotations.Param;
 import org.springframework.stereotype.Repository;
 
+import java.util.List;
+
 /**
  * 资源-web与角色关联表 Mapper 接口
  */
@@ -49,5 +51,8 @@ Page<SecRole> selectUnrelatedRolesByWebResource(Page page,
                                                     @Param("status") RoleStatus status,
                                                     @Param("name") String name);
 
-    Page<SecResourceWeb> selectAllResourceWebWithAuthorizeStatus(@Param("roleId") Long roleId);
+    /**
+     * 查询所有 资源-web，包含角色关联信息
+     */
+    List<SecResourceWebVO> selectAllResourceWebWithAuthorizeStatus(@Param("roleId") Long roleId, @Param("pid") Long pid);
 }
diff --git a/...o/src/main/resources/cn/sliew/scaleph/dao/mapper/master/security/SecResourceWebMapper.xml b/...o/src/main/resources/cn/sliew/scaleph/dao/mapper/master/security/SecResourceWebMapper.xml
@@ -18,23 +18,27 @@
 
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="cn.sliew.scaleph.dao.mapper.master.security.SecResourceWebMapper">
-
     <!-- 通用查询映射结果 -->
     <resultMap id="BaseResultMap" type="cn.sliew.scaleph.dao.entity.master.security.SecResourceWeb">
-        <result column="id" property="id" />
-        <result column="creator" property="creator" />
-        <result column="create_time" property="createTime" />
-        <result column="editor" property="editor" />
-        <result column="update_time" property="updateTime" />
-        <result column="type" property="type" />
-        <result column="pid" property="pid" />
-        <result column="name" property="name" />
-        <result column="path" property="path" />
-        <result column="redirect" property="redirect" />
-        <result column="layout" property="layout" />
-        <result column="icon" property="icon" />
-        <result column="component" property="component" />
-        <result column="remark" property="remark" />
+        <result column="id" property="id"/>
+        <result column="creator" property="creator"/>
+        <result column="create_time" property="createTime"/>
+        <result column="editor" property="editor"/>
+        <result column="update_time" property="updateTime"/>
+        <result column="type" property="type"/>
+        <result column="pid" property="pid"/>
+        <result column="name" property="name"/>
+        <result column="path" property="path"/>
+        <result column="redirect" property="redirect"/>
+        <result column="layout" property="layout"/>
+        <result column="icon" property="icon"/>
+        <result column="component" property="component"/>
+        <result column="remark" property="remark"/>
+    </resultMap>
+
+    <resultMap id="SecResourceWebVOMap" type="cn.sliew.scaleph.dao.entity.master.security.SecResourceWebVO"
+               extends="BaseResultMap">
+        <result column="role_id" property="roleId"/>
     </resultMap>
 
     <!-- 通用查询结果列 -->
@@ -46,5 +50,4 @@
         update_time,
         `type`, pid, `name`, `path`, redirect, layout, icon, `component`, remark
     </sql>
-
 </mapper>
diff --git a/...c/main/resources/cn/sliew/scaleph/dao/mapper/master/security/SecResourceWebRoleMapper.xml b/...c/main/resources/cn/sliew/scaleph/dao/mapper/master/security/SecResourceWebRoleMapper.xml
@@ -18,16 +18,15 @@
 
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="cn.sliew.scaleph.dao.mapper.master.security.SecResourceWebRoleMapper">
-
     <!-- 通用查询映射结果 -->
     <resultMap id="BaseResultMap" type="cn.sliew.scaleph.dao.entity.master.security.SecResourceWebRole">
-        <result column="id" property="id" />
-        <result column="creator" property="creator" />
-        <result column="create_time" property="createTime" />
-        <result column="editor" property="editor" />
-        <result column="update_time" property="updateTime" />
-        <result column="resource_web_id" property="resourceWebId" />
-        <result column="role_id" property="roleId" />
+        <result column="id" property="id"/>
+        <result column="creator" property="creator"/>
+        <result column="create_time" property="createTime"/>
+        <result column="editor" property="editor"/>
+        <result column="update_time" property="updateTime"/>
+        <result column="resource_web_id" property="resourceWebId"/>
+        <result column="role_id" property="roleId"/>
     </resultMap>
 
     <!-- 通用查询结果列 -->
@@ -40,7 +39,8 @@
         resource_web_id, role_id
     </sql>
 
-    <select id="selectRelatedRolesByWebResource" resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecRoleMapper.SecRoleMap">
+    <select id="selectRelatedRolesByWebResource"
+            resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecRoleMapper.SecRoleMap">
         SELECT
         t1.*
         FROM
@@ -58,7 +58,8 @@
         t1.`code`
     </select>
 
-    <select id="selectUnrelatedRolesByWebResource" resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecRoleMapper.SecRoleMap">
+    <select id="selectUnrelatedRolesByWebResource"
+            resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecRoleMapper.SecRoleMap">
         SELECT
         t1.*
         FROM
@@ -70,9 +71,20 @@
         <if test="name != null and name != ''">
             AND t1.`name` like concat('%',#{name},'%')
         </if>
-        AND NOT EXISTS ( SELECT * FROM sec_resource_web_role t2 WHERE t1.id = t2.role_id AND t2.resource_web_id = #{resourceWebId} )
+        AND NOT EXISTS ( SELECT * FROM sec_resource_web_role t2 WHERE t1.id = t2.role_id AND t2.resource_web_id =
+        #{resourceWebId} )
         ORDER BY
         t1.`code`
     </select>
 
+    <select id="selectAllResourceWebWithAuthorizeStatus"
+            resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecResourceWebMapper.SecResourceWebVOMap">
+        SELECT t1.*,
+               t2.role_id
+        FROM sec_resource_web t1
+                 LEFT JOIN sec_resource_web_role t2 ON t1.id = t2.resource_web_id
+            AND t2.role_id = #{roleId}
+        WHERE
+            t1.pid = #{pid}
+    </select>
 </mapper>
diff --git a/scaleph-security/src/main/java/cn/sliew/scaleph/security/service/SecAuthorizeService.java b/scaleph-security/src/main/java/cn/sliew/scaleph/security/service/SecAuthorizeService.java
@@ -18,7 +18,14 @@
 
 package cn.sliew.scaleph.security.service;
 
+import cn.sliew.scaleph.security.service.dto.SecResourceWebWithAuthorizeDTO;
+import cn.sliew.scaleph.security.service.dto.SecRoleDTO;
 import cn.sliew.scaleph.security.service.dto.UmiRoute;
+import cn.sliew.scaleph.security.service.param.SecResourceWebBatchAuthorizeForRoleParam;
+import cn.sliew.scaleph.security.service.param.SecResourceWebListByRoleParam;
+import cn.sliew.scaleph.security.service.param.SecRoleBatchAuthorizeForResourceWebParam;
+import cn.sliew.scaleph.security.service.param.SecRoleListByResourceWebParam;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 
 import java.util.List;
 
@@ -28,4 +35,47 @@ public interface SecAuthorizeService {
      * 将用户拥有的前端资源转化为 umi.js 的 route 配置
      */
     List<UmiRoute> getWebRoute();
+
+    // -------------------------------------------------------------------------------------------
+    // resource-web -> role
+    // -------------------------------------------------------------------------------------------
+
+    /**
+     * 查询 资源-web 绑定角色列表
+     */
+    Page<SecRoleDTO> listAuthorizedRolesByResourceWebId(SecRoleListByResourceWebParam param);
+
+    /**
+     * 查询 资源-web 未绑定角色列表
+     */
+    Page<SecRoleDTO> listUnauthorizedRolesByResourceWebId(SecRoleListByResourceWebParam param);
+
+    /**
+     * 批量为 资源-web 绑定角色
+     */
+    void authorize(SecRoleBatchAuthorizeForResourceWebParam param);
+
+    /**
+     * 批量为 资源-web 解除角色绑定
+     */
+    void unauthorize(SecRoleBatchAuthorizeForResourceWebParam param);
+
+    // -------------------------------------------------------------------------------------------
+    // role -> resource-web
+    // -------------------------------------------------------------------------------------------
+    /**
+     * 查询所有 资源-web 和指定角色绑定状态
+     */
+    List<SecResourceWebWithAuthorizeDTO> listResourceWebsByRoleId(SecResourceWebListByRoleParam param);
+
+    /**
+     * 批量为角色绑定 资源-web
+     */
+    void authorize(SecResourceWebBatchAuthorizeForRoleParam param);
+
+    /**
+     * 批量为角色解除 资源-web 绑定
+     */
+    void unauthorize(SecResourceWebBatchAuthorizeForRoleParam param);
+
 }
diff --git a/...in/java/cn/sliew/scaleph/security/service/convert/SecResourceWebWithAuthorizeConvert.java b/...in/java/cn/sliew/scaleph/security/service/convert/SecResourceWebWithAuthorizeConvert.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.sliew.scaleph.security.service.convert;
+
+import cn.sliew.scaleph.common.convert.BaseConvert;
+import cn.sliew.scaleph.common.dict.common.YesOrNo;
+import cn.sliew.scaleph.dao.entity.master.security.SecResourceWebVO;
+import cn.sliew.scaleph.security.service.dto.SecResourceWebWithAuthorizeDTO;
+import org.mapstruct.Mapper;
+import org.mapstruct.factory.Mappers;
+import org.springframework.beans.BeanUtils;
+
+@Mapper
+public interface SecResourceWebWithAuthorizeConvert extends BaseConvert<SecResourceWebVO, SecResourceWebWithAuthorizeDTO> {
+
+    SecResourceWebWithAuthorizeConvert INSTANCE = Mappers.getMapper(SecResourceWebWithAuthorizeConvert.class);
+
+    @Override
+    default SecResourceWebVO toDo(SecResourceWebWithAuthorizeDTO dto) {
+        throw new UnsupportedOperationException();
+    }
+
+    @Override
+    default SecResourceWebWithAuthorizeDTO toDto(SecResourceWebVO entity) {
+        SecResourceWebWithAuthorizeDTO dto = new SecResourceWebWithAuthorizeDTO();
+        BeanUtils.copyProperties(SecResourceWebConvert.INSTANCE.toDto(entity), dto);
+        dto.setAuthorized(entity.getRoleId() != null ? YesOrNo.YES : YesOrNo.NO);
+        return dto;
+    }
+}